Gitiles
Code Review Sign In
gerrit-public.fairphone.software / fp2-dev / platform / external / vboot_reference / 80d129b89da766195a4cda239e8e24989c8cb872 / . / utils / kernel_utility.cc
blob: 4a90d3c5f834b9d1d2e9a9649932185bd684f37e [file] [log] [blame]
Gaurav Shah80d129b2010-03-03 17:58:43 -0800[diff] [blame^]1// Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4//
5// Utility for manipulating verified boot firmware images.
6//
7
8#include "kernel_utility.h"
9
10#include <errno.h>
11#include <getopt.h>
12#include <stdint.h> // Needed for UINT16_MAX.
13#include <stdlib.h>
14#include <unistd.h>
15
16#include <iostream>
17
18extern "C" {
19#include "file_keys.h"
20#include "kernel_image.h"
21#include "padding.h"
22#include "rsa_utility.h"
23#include "sha_utility.h"
24#include "utility.h"
25}
26
27extern int errno;
28using std::cerr;
29
30namespace vboot_reference {
31
32KernelUtility::KernelUtility(): image_(NULL),
33 firmware_key_pub_(NULL),
34 header_version_(1),
35 firmware_sign_algorithm_(-1),
36 kernel_sign_algorithm_(-1),
37 kernel_key_version_(-1),
38 kernel_version_(-1),
39 is_generate_(false),
40 is_verify_(false) {
41 // Populate kernel config options with defaults.
42 options_.version[0] = 1;
43 options_.version[1] = 0;
44 options_.kernel_len = 0;
45 options_.kernel_load_addr = 0;
46 options_.kernel_entry_addr = 0;
47}
48
49KernelUtility::~KernelUtility() {
50 RSAPublicKeyFree(firmware_key_pub_);
51 KernelImageFree(image_);
52}
53
54void KernelUtility::PrintUsage(void) {
55 cerr <<
56 "Utility to generate/verify a verified boot kernel image\n\n"
57 "Usage: firmware_utility <--generate|--verify> [OPTIONS]\n\n"
58 "For \"--verify\", required OPTIONS are:\n"
59 "--in <infile>\t\t\tVerified boot kernel image to verify.\n"
60 "--firmware_key_pub <pubkeyfile>\tPre-processed public firmware key "
61 "to use for verification.\n\n"
62 "For \"--generate\", required OPTIONS are:\n"
63 "--firmware_key <privkeyfile>\tPrivate firmware signing key file\n"
64 "--kernel_key <privkeyfile>\tPrivate kernel signing key file\n"
65 "--kernel_key_pub <pubkeyfile>\tPre-processed public kernel signing"
66 " key\n"
67 "--firmware_sign_algorithm <algoid>\tSigning algorithm used by "
68 "the firmware\n"
69 "--kernel_sign_algorithm <algoid>\tSigning algorithm to use for kernel\n"
70 "--kernel_key_version <version#>\tKernel signing Key Version#\n"
71 "--kernel_version <version#>\tKernel Version#\n"
72 "--in <infile>\t\tKernel Image to sign\n"
73 "--out <outfile>\t\tOutput file for verified boot Kernel image\n\n"
74 "Optional arguments for \"--generate\" include:\n"
75 "--config_version <version>\n"
76 "--kernel_load_addr <addr>\n"
77 "--kernel_entry_addr <addr>\n\n"
78 "<algoid> (for --*_sign_algorithm) is one of the following:\n";
79 for (int i = 0; i < kNumAlgorithms; i++) {
80 cerr << i << " for " << algo_strings[i] << "\n";
81 }
82 cerr << "\n\n";
83}
84
85bool KernelUtility::ParseCmdLineOptions(int argc, char* argv[]) {
86 int option_index;
87 static struct option long_options[] = {
88 {"firmware_key", 1, 0, 0},
89 {"firmware_key_pub", 1, 0, 0},
90 {"kernel_key", 1, 0, 0},
91 {"kernel_key_pub", 1, 0, 0},
92 {"firmware_sign_algorithm", 1, 0, 0},
93 {"kernel_sign_algorithm", 1, 0, 0},
94 {"kernel_key_version", 1, 0, 0},
95 {"kernel_version", 1, 0, 0},
96 {"in", 1, 0, 0},
97 {"out", 1, 0, 0},
98 {"generate", 0, 0, 0},
99 {"verify", 0, 0, 0},
100 {"config_version", 1, 0, 0},
101 {"kernel_load_addr", 1, 0, 0},
102 {"kernel_entry_addr", 1, 0, 0},
103 {NULL, 0, 0, 0}
104 };
105 while (1) {
106 int i = getopt_long(argc, argv, "", long_options, &option_index);
107 if (-1 == i) // Done with option processing.
108 break;
109 if ('?' == i) // Invalid option found.
110 return false;
111
112 if (0 == i) {
113 switch (option_index) {
114 case 0: // firmware_key
115 firmware_key_file_ = optarg;
116 break;
117 case 1: // firmware_key_pub
118 firmware_key_pub_file_ = optarg;
119 break;
120 case 2: // kernel_key
121 kernel_key_file_ = optarg;
122 break;
123 case 3: // kernel_key_pub
124 kernel_key_pub_file_ = optarg;
125 break;
126 case 4: // firmware_sign_algorithm
127 errno = 0; // strtol() returns an error via errno
128 firmware_sign_algorithm_ = strtol(optarg,
129 reinterpret_cast<char**>(NULL), 10);
130 if (errno)
131 return false;
132 break;
133 case 5: // kernel_sign_algorithm
134 errno = 0;
135 kernel_sign_algorithm_ = strtol(optarg,
136 reinterpret_cast<char**>(NULL), 10);
137 if (errno)
138 return false;
139 break;
140 case 6: // kernel_key_version
141 errno = 0;
142 kernel_key_version_ = strtol(optarg,
143 reinterpret_cast<char**>(NULL), 10);
144 if (errno)
145 return false;
146 break;
147 case 7: // kernel_version
148 errno = 0;
149 kernel_version_ = strtol(optarg,
150 reinterpret_cast<char**>(NULL), 10);
151 if (errno)
152 return false;
153 break;
154 case 8: // in
155 in_file_ = optarg;
156 break;
157 case 9: // out
158 out_file_ = optarg;
159 break;
160 case 10: // generate
161 is_generate_ = true;
162 break;
163 case 11: // verify
164 is_verify_ = true;
165 break;
166 case 12: // config_version
167 if (2 != sscanf(optarg, "%d.%d", &options_.version[0],
168 &options_.version[1]))
169 return false;
170 break;
171 case 13: // kernel_load_addr
172 errno = 0;
173 options_.kernel_load_addr =
174 strtol(optarg, reinterpret_cast<char**>(NULL), 10);
175 if (errno)
176 return false;
177 break;
178 case 14: // kernel_entry_addr
179 errno = 0;
180 options_.kernel_entry_addr =
181 strtol(optarg, reinterpret_cast<char**>(NULL), 10);
182
183 if (errno)
184 return false;
185 break;
186 }
187 }
188 }
189 return CheckOptions();
190}
191
192void KernelUtility::OutputSignedImage(void) {
193 if (image_) {
194 if (!WriteKernelImage(out_file_.c_str(), image_)) {
195 cerr << "Couldn't write verified boot kernel image to file "
196 << out_file_ <<".\n";
197 }
198 }
199}
200
201bool KernelUtility::GenerateSignedImage(void) {
202 uint32_t kernel_key_pub_len;
203 uint8_t* header_checksum;
204 DigestContext ctx;
205 image_ = KernelImageNew();
206
207 Memcpy(image_->magic, KERNEL_MAGIC, KERNEL_MAGIC_SIZE);
208
209 // TODO(gauravsh): make this a command line option.
210 image_->header_version = 1;
211 image_->firmware_sign_algorithm = (uint16_t) firmware_sign_algorithm_;
212 // Copy pre-processed public signing key.
213 image_->kernel_sign_algorithm = (uint16_t) kernel_sign_algorithm_;
214 image_->kernel_sign_key = BufferFromFile(kernel_key_pub_file_.c_str(),
215 &kernel_key_pub_len);
216 if (!image_->kernel_sign_key)
217 return false;
218 image_->kernel_key_version = kernel_key_version_;
219
220 // Update header length.
221 image_->header_len = GetKernelHeaderLen(image_);
222
223 // Calculate header checksum.
224 DigestInit(&ctx, SHA512_DIGEST_ALGORITHM);
225 DigestUpdate(&ctx, reinterpret_cast<uint8_t*>(&image_->header_version),
226 sizeof(image_->header_version));
227 DigestUpdate(&ctx, reinterpret_cast<uint8_t*>(&image_->header_len),
228 sizeof(image_->header_len));
229 DigestUpdate(&ctx, reinterpret_cast<uint8_t*>(&image_->kernel_sign_algorithm),
230 sizeof(image_->kernel_sign_algorithm));
231 DigestUpdate(&ctx, reinterpret_cast<uint8_t*>(&image_->kernel_key_version),
232 sizeof(image_->kernel_key_version));
233 DigestUpdate(&ctx, image_->kernel_sign_key,
234 RSAProcessedKeySize(image_->kernel_sign_algorithm));
235 header_checksum = DigestFinal(&ctx);
236 Memcpy(image_->header_checksum, header_checksum, SHA512_DIGEST_SIZE);
237 Free(header_checksum);
238
239 image_->kernel_version = kernel_version_;
240 image_->options.version[0] = options_.version[0];
241 image_->options.version[1] = options_.version[1];
242 image_->options.kernel_load_addr = options_.kernel_load_addr;
243 image_->options.kernel_entry_addr = options_.kernel_entry_addr;
244 image_->kernel_data = BufferFromFile(in_file_.c_str(),
245 &image_->options.kernel_len);
246 if (!image_)
247 return false;
248 // Generate and add the signatures.
249 if (!AddKernelKeySignature(image_, firmware_key_file_.c_str())) {
250 cerr << "Couldn't write key signature to verified boot image.\n";
251 return false;
252 }
253
254 if (!AddKernelSignature(image_, kernel_key_file_.c_str())) {
255 cerr << "Couldn't write firmware signature to verified boot image.\n";
256 return false;
257 }
258 return true;
259}
260
261bool KernelUtility::VerifySignedImage(void) {
262 int error;
263 firmware_key_pub_ = RSAPublicKeyFromFile(firmware_key_pub_file_.c_str());
264 image_ = ReadKernelImage(in_file_.c_str());
265
266 if (!firmware_key_pub_) {
267 cerr << "Couldn't read pre-processed public root key.\n";
268 return false;
269 }
270
271 if (!image_) {
272 cerr << "Couldn't read firmware image or malformed image.\n";
273 return false;
274 }
275 if (!(error = VerifyKernelImage(firmware_key_pub_, image_, 0)))
276 return true;
277 cerr << VerifyKernelErrorString(error) << "\n";
278 return false;
279}
280
281bool KernelUtility::CheckOptions(void) {
282 if (is_generate_ == is_verify_) {
283 cerr << "One of --generate or --verify must be specified.\n";
284 return false;
285 }
286 // Common required options.
287 if (in_file_.empty()) {
288 cerr << "No input file specified.\n";
289 return false;
290 }
291 // Required options for --verify.
292 if (is_verify_ && firmware_key_pub_file_.empty()) {
293 cerr << "No pre-processed public firmware key file specified.\n";
294 return false;
295 }
296 // Required options for --generate.
297 if (is_generate_) {
298 if (firmware_key_file_.empty()) {
299 cerr << "No firmware key file specified.\n";
300 return false;
301 }
302 if (kernel_key_file_.empty()) {
303 cerr << "No kernel key file specified.\n";
304 return false;
305 }
306 if (kernel_key_pub_file_.empty()) {
307 cerr << "No pre-processed public kernel key file specified\n";
308 return false;
309 }
310 if (kernel_key_version_ <= 0 || kernel_key_version_ > UINT16_MAX) {
311 cerr << "Invalid or no kernel key version specified.\n";
312 return false;
313 }
314 if (firmware_sign_algorithm_ < 0 ||
315 firmware_sign_algorithm_ >= kNumAlgorithms) {
316 cerr << "Invalid or no firmware signing key algorithm specified.\n";
317 return false;
318 }
319 if (kernel_sign_algorithm_ < 0 ||
320 kernel_sign_algorithm_ >= kNumAlgorithms) {
321 cerr << "Invalid or no kernel signing key algorithm specified.\n";
322 return false;
323 }
324 if (kernel_version_ <=0 || kernel_version_ > UINT16_MAX) {
325 cerr << "Invalid or no kernel version specified.\n";
326 return false;
327 }
328 if (out_file_.empty()) {
329 cerr <<"No output file specified.\n";
330 return false;
331 }
332 }
333 return true;
334}
335
336} // namespace vboot_reference
337
338int main(int argc, char* argv[]) {
339 vboot_reference::KernelUtility fu;
340 if (!fu.ParseCmdLineOptions(argc, argv)) {
341 fu.PrintUsage();
342 return -1;
343 }
344 if (fu.is_generate()) {
345 if (!fu.GenerateSignedImage())
346 return -1;
347 fu.OutputSignedImage();
348 }
349 if (fu.is_verify()) {
350 cerr << "Verification ";
351 if (fu.VerifySignedImage())
352 cerr << "SUCCESS.\n";
353 else
354 cerr << "FAILURE.\n";
355 }
356 return 0;
357}